Файл: btwars.ru/news.php
Строк: 285
<?
include './system/common.php';
include './system/functions.php';
include './system/user.php';
if(!$user) {
header('location: /');
exit;
}
$sub = _string(_num($_GET['sub']));
$topic = _string(_num($_GET['topic']));
if(!$sub && !$topic) {
$title = 'Новости';
include './system/h.php';
?>
<div class='line'></div>
<?
$count = mysql_result(mysql_query('SELECT COUNT(*) FROM `news_sub`'),0);
if($count > 0) {
if($_GET['create'] == true && $user['access'] == 2) {
$name = _string($_POST['name']);
$access = _string(_num($_POST['access']));
if($name) {
mysql_query('INSERT INTO `news_sub` (`name`,
`access`) VALUES ("'.$name.'",
"'.$access.'")');
header('location: /news/');
}
?>
<div class='content'>
<form action='/news/?create=true' method='post'>
Название раздела:<br/>
<input name='name'/><br/>
Создавать новости могут:<br/>
<select name='access'>
<option value='0'>все</option>
<option value='1'>модераторы</option>
<option value='2'>администраторы</option>
</select><br/>
<input type='submit' value='Создать'/>
</form>
</div>
<div class='line'></div>
<?
}
$id = _string(_num($_GET['id']));
if($id && $user['access'] == 2) {
$i = mysql_query('SELECT * FROM `news_sub` WHERE `id` = "'.$id.'"');
$i = mysql_fetch_array($i);
if(!$i) {
header('location: /news/');
exit;
}
$name = _string($_POST['name']);
if($name) {
mysql_query('UPDATE `news_sub` SET `name` = "'.$name.'" WHERE `id` = "'.$i['id'].'"');
header('location: /news/?adm=true');
}
?>
<div class='content'>
<form action='/news/?adm=true&id=<?=$i['id']?>' method='post'>
Название раздела:<br/>
<input name='name' value='<?=$i['name']?>'/> <input type='submit' value='Сохранить'/>
</form>
</div>
<div class='line'></div>
<?
if($_GET['delete'] == true) {
$q = mysql_query('SELECT * FROM `news_topic` WHERE `sub` = "'.$i['id'].'"');
while($row = mysql_fetch_array($q)) {
mysql_query('DELETE FROM `news_comments` WHERE `topic` = "'.$row['id'].'"');
}
mysql_query('DELETE FROM `news_topic` WHERE `sub` = "'.$i['id'].'"');
mysql_query('DELETE FROM `news_sub` WHERE `id` = "'.$i['id'].'"');
header('location: /news/?adm=true');
}
}
?>
<div class='list'>
<?
$q = mysql_query('SELECT * FROM `news_sub`');
while($row = mysql_fetch_array($q)) {
$i++;
?>
<li>
<?
if($_GET['adm'] == true && $user['access'] == 2) {
?>
<span style='float: right;'>( <a href='/news/?adm=true&id=<?=$row['id']?>&delete=true'>Удалить</a> | <a href='/news/?adm=true&id=<?=$row['id']?>'>Редактировать</a> )</span>
<?
}
?>
<a href='/news/sub/<?=$row['id']?>/'><img src='/images/icon/section.png' alt='*'/> <?=$row['name']?></a></li>
<?
}
?>
<li <?=($_GET['adm'] == true ? '':'class='no_b'')?>>
<?
if($user['access'] == 2) {
?>
<a href='/news/<?=($_GET['adm'] == true ? '':'?adm=true')?>' <?=($_GET['adm'] == true ? 'style='color: #909090;'':'')?>><img src='/images/icon/arrow.png' alt='*'/> Управление разделами</a></a>
<?
if($_GET['adm'] == true) {
?>
<li class='no_b'><a href='/news/?create=true'><img src='/images/icon/arrow.png' alt='*'/> Создать новость</a></li>
<?
}
}
?>
</li>
</div>
<?
}
else
{
?>
<div class='content'><font color='#909090'></font></div>
<?
}
include './system/f.php';
}
elseif($sub) {
$sub = mysql_query('SELECT * FROM `news_sub` WHERE `id` = "'.$sub.'"');
$sub = mysql_fetch_array($sub);
if(!$sub) {
header('location: /forum');
exit;
}
if($_GET['create'] == true && $user['access'] >= $sub['access']) {
$title = 'Новая новость';
include './system/h.php';
?>
<div class='line'></div>
<?
if($user['save'] == 1) {
$name = _string($_POST['name']);
$text = bbcode(_string($_POST['text']));
if($name && $text) {
if($user['level'] > 14) {
mysql_query('INSERT INTO `news_topic` (`sub`,
`name`,
`user`,
`text`,
`time`) VALUES ("'.$sub['id'].'",
"'.$name.'",
"'.$user['id'].'",
"'.$text.'",
"'.time().'")');
$topic_id = mysql_insert_id();
header('location: /news/topic/'.$topic_id.'/');
}
else
{
?>
<div class='content' align='center'><font color='#909090'>Новости можно создавать с <img src='/images/icon/level.png' alt='*'/> 15 уровня!</font></div>
<div class='line'></div>
<?
}
}
?>
<div class='content'>
<form action='/news/sub/<?=$sub['id']?>/?create=true' method='post'>
Новость:<br/>
<input name='name'/><br/>
Описание:<br/>
<textarea name='text' style='width: 100%;'></textarea><br/>
<input type='submit' value='Создать'/>
</form>
</div>
<?
}
else
{
?>
<div class='content'><font color='#999'>Для создания новости вам нужно сохранить своего персонажа</font></div>
<?
}
include './system/f.php';
}
else
{
$title = $sub['name'];
include './system/h.php';
?>
<div class='line'></div>
<?
$max = 10;
$count = mysql_result(mysql_query('SELECT COUNT(*) FROM `news_topic` WHERE `sub` = "'.$sub['id'].'"'),0);
$pages = ceil($count/$max);
$page = _string(_num($_GET['page']));
if($page > $pages) {
$page = $pages;
}
if($page < 1) {
$page = 1;
}
$start = $page * $max - $max;
if($count > 0) {
?>
<div class='list'>
<?
$q = mysql_query('SELECT * FROM `news_topic` WHERE `sub` = "'.$sub['id'].'" ORDER BY `stick` DESC, `id` DESC LIMIT '.$start.', '.$max.'');
while($row = mysql_fetch_array($q)) {
$i++;
?>
<li><a href='/news/topic/<?=$row['id']?>/' <?=($row['stick'] == 1 ? 'style="font-weight: bold;"':'')?>><img src='/images/icon/forum_<?=($row['close'] == 1 ? 3:2)?>.png' alt='*'/> <?=$row['name']?></a></li>
<?
}
?>
<li class='no_b'><?=pages('/news/sub/'.$sub['id'].'/?')?></li>
</li>
</div>
<?
}
else
{
?>
<div class='content'><font color='#999'>Новостей нет!</font></div>
<?
}
?>
</div>
<?
if($user['access'] >= $sub['access']) {
?>
<div class='line'></div>
<div class='list'>
<li class='no_b'><a href='/news/sub/<?=$sub['id']?>/?create=true'><img src='/images/icon/forum_2.png'> Создать новость</a></li>
</div>
<?
}
include './system/f.php';
}
}
elseif($topic) {
$topic = mysql_query('SELECT * FROM `news_topic` WHERE `id` = "'.$topic.'"');
$topic = mysql_fetch_array($topic);
if(!$topic) {
header('location: /news/');
exit;
}
$title = $topic['name'];
include './system/h.php';
$topic_user = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$topic['user'].'"');
$topic_user = mysql_fetch_array($topic_user);
?>
<div class='line'></div>
<?
if($_GET['adm'] == true && $user['access'] > 0) {
?>
<div class='content'>
<img src='/images/icon/arrow.png' alt='*'/> <a href='/news/topic/<?=$topic['id']?>/?stick=true'> <?=($topic['stick'] == 0 ? 'Закрепить':'Открепить')?></a> | <a href='/news/topic/<?=$topic['id']?>/?close=true'> <?=($topic['close'] == 0 ? 'Закрыть':'Открыть')?></a> | <a href='/news/topic/<?=$topic['id']?>/?delete=true'>Удалить</a>
</div>
<div class='line'></div>
<?
}
?>
<div class='content'>
<img src='/images/icon/race/<?=$topic_user['r'].($topic_user['online'] > time() - 6000 ? '':'-off')?>.png' alt='*'/> <a href='/user/<?=$topic_user['id']?>/'><?=$topic_user['login']?></a>, <?=_times(time() - $topic['time'])?><br/>
<?
if($topic_user['access'] == 1) {
?>
<font color='f09060'>
<?
}
if($topic_user['access'] == 2) {
?>
<font color='90c0c0'>
<?
}
?>
<?=bbcode(smiles($topic['text']))?>
<?
if($topic_user['access'] > 0) {
?>
</font>
<?
}
?>
</div>
<div class='line'></div>
<?
if($user['access'] > 0) {
if($_GET['stick'] == true) {
mysql_query('UPDATE `news_topic` SET `stick` = "'.($topic['stick'] == 0 ? 1:0).'" WHERE `id` = "'.$topic['id'].'"');
header('location: /news/topic/'.$topic['id'].'/?adm=true');
}
if($_GET['close'] == true) {
mysql_query('UPDATE `news_topic` SET `close` = "'.($topic['close'] == 0 ? 1:0).'" WHERE `id` = "'.$topic['id'].'"');
header('location: /news/topic/'.$topic['id'].'/?adm=true');
}
if($_GET['delete'] == true) {
$q = mysql_query('SELECT * FROM `news_comments` WHERE `topic` = "'.$topic['id'].'"');
while($row = mysql_fetch_array($q)) {
mysql_query('DELETE FROM `news_comments` WHERE `id` = "'.$row['id'].'"');
}
header('location: /news/sub/'.$topic['sub'].'/?adm=true');
mysql_query('DELETE FROM `news_topic` WHERE `id` = "'.$topic['id'].'"');
}
?>
<div class='list'>
<li class='no_b'><a href='/news/topic/<?=$topic['id']?>/<?=($_GET['adm'] == true ? '':'?adm=true')?>' <?=($_GET['adm'] == true ? 'style='color: #909090;'':'')?>><img src='/images/icon/arrow.png' alt='*'/> Управление новостью</a></li>
</div>
<div class='line'></div>
<?
}
$count = mysql_result(mysql_query('SELECT COUNT(*) FROM `news_comments` WHERE `topic` = "'.$topic['id'].'"'),0);
?>
<div class='content'>
Комментарии: <b><?=$count?></b>
</div>
<?
if($count > 0) {
?>
<div class='line'></div>
<div class='menu'>
<?
$max = 10;
$pages = ceil($count/$max);
$page = _string(_num($_GET['page']));
if($page > $pages) {
$page = $pages;
}
if($page < 1) {
$page = 1;
}
$start = $page * $max - $max;
$q = mysql_query('SELECT * FROM `news_comments` WHERE `topic` = "'.$topic['id'].'" ORDER BY `id` LIMIT '.$start.', '.$max.'');
while($row = mysql_fetch_array($q)) {
$comment_user = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$row['user'].'"');
$comment_user = mysql_fetch_array($comment_user);
?>
<li><img src='/images/icon/race/<?=$comment_user['r'].($comment_user['online'] > time() - 300 ? '':'-off')?>.png' alt='*'/> <a href='/user/<?=$comment_user['id']?>/'><?=$comment_user['login']?></a><?
if($comment_user['id'] != $user['id']) {
?> <a href='/news/topic/<?=$topic['id']?>/?page=<?=$page?>&to=<?=$comment_user['id']?>'>(»)</a><? } ?>, <?=_times(time() - $row['time'])?><br/>
<?
if($row['to']) {
$__to = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$row['to'].'"');
$__to = mysql_fetch_array($__to);
if($__to['id'] == $user['id']) {
?>
<font color='#90c090'>
<?
}
?>
<?=$__to['login']?>,
<?
if($__to['id'] == $user['id']) {
?>
</font>
<?
}
}
if($comment_user['access'] == 1) {
?>
<font color='f09060'>
<?
}
if($comment_user['access'] == 2) {
?>
<font color='90c0c0'>
<?
}
?>
<?=bbcode(smiles($row['text']))?>
<?
if($comment_user['access'] > 0) {
?>
</font>
<?
}
if($user['access'] > 0) {
$comment = _string(_num($_GET['comment']));
if($comment) {
mysql_query('DELETE FROM `news_comments` WHERE `id` = "'.$comment.'"');
header('location: /news/topic/'.$topic['id'].'/?page='.$page);
}
?>
<a href='/news/topic/<?=$topic['id']?>/?page=<?=$page?>&comment=<?=$row['id']?>'>[x]</a>
<?
}
?>
</li>
<?
}
?>
<li class='no_b'><?=pages('/news/topic/'.$topic['id'].'/?')?></li>
</div>
<?
}
?>
<div class='line'></div>
<div class='content'>
<?
if($topic['close'] == 0) {
if($user['save'] == 1) {
if($user['level'] > 5) {
$text = bbcode(_string($_POST['text']));
$to = _string(_num($_GET['to']));
if($to) {
$_to = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$to.'"');
$_to = mysql_fetch_array($_to);
if(!$_to OR $_to['id'] == $user['id']) {
header('location: /news/topic/'.$topic['id'].'/?page='.$page);
exit;
}
}
if($_to) {
$text = str_replace($_to['login'].', ', '', $text);
}
if($text) {
mysql_query('INSERT INTO `news_comments` (`topic`,`user`,`to`,`text`,`time`) VALUES ("'.$topic['id'].'", "'.$user['id'].'", "'.$_to['id'].'", "'.$text.'", "'.time().'")');
header('location: /news/topic/'.$topic['id'].'/?page='.$pages);
}
?>
<form action='/news/topic/<?=$topic['id']?>/?page=<?=$page?>&to=<?=$to?>' method='post'>
Комментарий:<br/>
<textarea name='text' style='width: 100%;'><?=($to ? $_to['login'].', ':'')?></textarea><br/>
<input type='submit' value='Отправить'/>
</form>
<?
}
else
{
?>
<font color='#999'>Писать в новостях можно с <img src='/images/icon/level.png' alt='*'/> 5 уровня</font>
<?
}
}
else
{
?>
<font color='#999'>Для общения в новостях вам нужно сохранить своего персонажа</font>
<?
}
}
else
{
?>
<font color='#f33'>Нельзя комментировать!</font>
<?
}
?>
</div>
<?
include './system/f.php';
}
?>